diff --git a/README.md b/README.md
index 184c145..b24dc62 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,111 @@
-# ansible-privatebin
-Ansible role to install and configure PrivateBin
+# PrivateBin Role
+
+Role installs and configures [PrivateBin](https://privatebin.info/) docker container.
+
+## Requirements
+
+Need to have an SSL Certificate, geerlingguy.certbot ansible galaxy role can be used to generate a Let's Encrypt SSL for the domain, if one does not already exist.
+
+## Role Variables
+### Task Variables
+```yaml
+private_bin_version: {{ version | default('1.3.4') }}
+private_bin_user: 65534 # UID 65534 https://github.com/PrivateBin/docker-nginx-fpm-alpine
+private_bin_group: 82 # GID 82 https://github.com/PrivateBin/docker-nginx-fpm-alpine
+private_bin_directory: /srv
+```
+
+### conf.php Variables
+These variables are the default ones that are set in the conf.sample.php file from the PrivateBin repo.
+* Variables that are set `true` can be set `false` and vise versa.
+* Variables that are left blank below are commented out in the config by default unless defined.
+More deatils on the Variables here https://github.com/PrivateBin/PrivateBin/wiki/Configuration
+Variables are fed into the [templates/conf.php.j2](templates/conf.php.j2) file
+
+```yaml
+private_bin_main_name:
+private_bin_main_dicussion: "true"
+private_bin_main_opendicussion: "false"
+private_bin_main_password: "true"
+private_bin_main_fileupload: "false"
+private_bin_main_burnafterreadingselected: "false"
+private_bin_main_defaultformatter: plaintext # plaintext, markdown, syntaxhighlighting
+private_bin_main_syntaxhighlightingtheme: # sons-of-obsidian
+private_bin_main_paste_sizelimit: 10485760
+private_bin_main_template: bootstrap-dark # bootstrap, bootstrap-page, bootstrap-dark, bootstrap-dark-page, bootstrap-compact, bootstrap-compact-page, page
+private_bin_main_notice:
+private_bin_main_language_selection: "false"
+private_bin_main_language_default:
+private_bin_main_url_shortener:
+private_bin_main_qrcode: "false"
+private_bin_main_icon: identicon # identicon, vizhash, none
+private_bin_main_cspheader:
+private_bin_main_zerobincompatibility: "false"
+private_bin_main_httpwarning: "true"
+private_bin_main_compression: zlib # none
+private_bin_expire_default: 1week # 5min 10min 1hour 1day 1week 1month 1year never
+
+private_bin_expire_options: # add your own custom expire times
+ - time: $nicename
+ seconds: $seconds
+ - time: $nicename_2
+ seconds: $seconds_2
+
+private_bin_traffic_limit: 10
+private_bin_traffic_header:
+private_bin_traffic_directory: data
+private_bin_purge_limit: 300
+private_bin_batchsize_limit: 10
+private_bin_purge_directory: data
+
+private_bin_model_class: Filesystem # Filesystem, MySql, SQLite
+private_bin_model_fs_option_directory: data
+private_bin_model_mysql_option_dsn:
+private_bin_model_mysql_option_tbl:
+private_bin_model_mysql_option_usr:
+private_bin_model_mysql_option_pwd:
+private_bin_model_mysql_option_opt:
+private_bin_model_sqlite3_option_path:
+private_bin_model_sqlite3_option_usr:
+private_bin_model_sqlite3_option_pwd:
+private_bin_model_sqlite3_option_opt:
+```
+
+## Dependencies
+
+None
+
+## Example Playbook
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+```yaml
+ - hosts: privatebinhost
+ become: true
+ vars:
+ private_bin_version: {{ version | default('1.3.4') }}
+
+ # Set default page name
+ private_bin_main_name: "My Private Bin"
+
+ # different install location than /srv
+ private_bin_directory: /home/webuser/privatebin
+
+ # Set custom expiration times
+ private_bin_expire_options:
+ - time: 1min
+ seconds: 60
+ - time: 5min
+ seconds: 300
+ - time: 15min
+ seconds: 900
+ - time: 1hour
+ seconds: 3600
+ roles:
+ - geerlingguy.docker
+ - stationgroup.privatebin
+```
+
+## License
+
+GPLv2
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..a4cb5f0
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,74 @@
+---
+# task variables
+private_bin_repo: https://github.com/PrivateBin/PrivateBin
+#private_bin_version: 1.3.4
+private_bin_archive_format: tar.gz
+private_bin_user: www-data
+private_bin_group: www-data
+private_bin_directory: /var/www/html/privatebin
+
+# conf.php.j2 template variables
+# https://github.com/PrivateBin/PrivateBin/wiki/Configuration
+# https://github.com/PrivateBin/PrivateBin/blob/master/cfg/conf.sample.php
+private_bin_main_name:
+private_bin_main_dicussion: "true"
+private_bin_main_opendicussion: "false"
+private_bin_main_password: "true"
+private_bin_main_fileupload: "false"
+private_bin_main_burnafterreadingselected: "false"
+private_bin_main_defaultformatter: plaintext
+private_bin_main_syntaxhighlightingtheme:
+private_bin_main_paste_sizelimit: 10485760
+private_bin_main_template: bootstrap-dark
+private_bin_main_notice:
+private_bin_main_language_selection: "false"
+private_bin_main_language_default:
+private_bin_main_url_shortener:
+private_bin_main_qrcode: "false"
+private_bin_main_icon: identicon
+private_bin_main_cspheader:
+private_bin_main_zerobincompatibility: "false"
+private_bin_main_httpwarning: "true"
+private_bin_main_compression: zlib
+private_bin_expire_default: 1week
+private_bin_expire_options:
+ - time: 5min
+ seconds: 300
+ - time: 10min
+ seconds: 600
+ - time: 1hour
+ seconds: 3600
+ - time: 1day
+ seconds: 86400
+ - time: 1week
+ seconds: 604800
+ - time: 1month
+ seconds: 2592000
+ - time: 1year
+ seconds: 31536000
+ - time: never
+ seconds: 0
+private_bin_formatter_options:
+ - format: plaintext
+ label: "Plain Text"
+ - format: syntaxhighlighting
+ label: "Source Code"
+ - format: markdown
+ label: "Markdown"
+private_bin_traffic_limit: 10
+private_bin_traffic_header:
+private_bin_traffic_directory: data
+private_bin_purge_limit: 300
+private_bin_batchsize_limit: 10
+private_bin_purge_directory: data
+private_bin_model_class: Filesystem
+private_bin_model_fs_option_directory: data
+private_bin_model_mysql_option_dsn:
+private_bin_model_mysql_option_tbl:
+private_bin_model_mysql_option_usr:
+private_bin_model_mysql_option_pwd:
+private_bin_model_mysql_option_opt:
+private_bin_model_sqlite3_option_path:
+private_bin_model_sqlite3_option_usr:
+private_bin_model_sqlite3_option_pwd:
+private_bin_model_sqlite3_option_opt:
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..0f10dfa
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,15 @@
+galaxy_info:
+ author: zfuller
+ description: Simple role to install and configure PrivateBin on Ubuntu
+ issue_tracker_url: https://github.com/zfuller/privatebin/issues
+ license: GPLv2
+ min_ansible_version: 2.4
+ platforms:
+ - name: Ubuntu
+ versions:
+ - trusty
+ - xenial
+ - bionic
+ galaxy_tags:
+ - privatebin
+ - pastebin
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..fa6ac61
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,29 @@
+---
+- name: making directories
+ file:
+ path: "{{ private_bin_directory }}/data"
+ state: directory
+ mode: 0750
+ owner: "{{ private_bin_user }}"
+ group: "{{ private_bin_group }}"
+
+- name: making directories
+ file:
+ path: "{{ private_bin_directory }}/cfg"
+ state: directory
+ mode: 0750
+ owner: "{{ private_bin_user }}"
+ group: "{{ private_bin_group }}"
+
+- name: Setting up config file
+ template:
+ src: templates/conf.php.j2
+ dest: "{{ private_bin_directory }}/cfg/conf.php"
+ owner: "{{ private_bin_user }}"
+ group: "{{ private_bin_group }}"
+ mode: 0640
+
+- name: pull and run privatebin docker
+ become: "true"
+ become_user: "root"
+ shell: "/usr/bin/docker run -d --restart='always' --read-only -p 8080:8080 -v {{ private_bin_directory }}/cfg/conf.php:{{ private_bin_directory }}/cfg/conf.php:ro -v {{ private_bin_directory }}/data:{{ private_bin_directory }}/data privatebin/nginx-fpm-alpine:{{ private_bin_version }}"
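Review bot: `private_bin_version` is left commented out in defaults/main.yml, but the docker task in tasks/main.yml interpolates it into the image tag, so the role fails on an undefined variable unless every caller sets it; a quoted default such as `private_bin_version: "1.3.4"` would match the README. `private_bin_user: www-data` and `private_bin_group: www-data` also disagree with the README's UID 65534 / GID 82, and with the 0750 and 0640 modes set in tasks/main.yml the container's user would presumably be unable to read conf.php or write to data. The `*_dsn`, `*_usr` and `*_pwd` keys are bare nulls, which is fine as placeholders, but a comment above them such as `# set via Ansible Vault, never commit a real value` would steer users away from keeping database credentials in plain vars.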
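Review bot: The last task in tasks/main.yml starts the container through `shell:` with `-p 8080:8080`, which publishes PrivateBin's plain-HTTP port on every host interface, while the README asks for an SSL certificate that nothing in this role puts in front of it; binding to loopback and letting a TLS reverse proxy forward to it keeps the application from being served over plain HTTP. The `docker run` is also not idempotent (a second play run would try to start another container on the same port), and `private_bin_directory` is interpolated unquoted into a shell line, so the `docker_container` module is the safer form. Both `-v` mounts reuse the host path as the container path; the image appears to read its config and data from `/srv`, so with the default `/var/www/html/privatebin` the rendered conf.php would likely be ignored — confirm against the image documentation. The `mode: 0750` and `mode: 0640` values in the earlier tasks are better quoted, `mode: "0750"`.

```yaml
- name: run privatebin container
  become: true
  docker_container:
    name: privatebin  # constructed name
    image: "privatebin/nginx-fpm-alpine:{{ private_bin_version }}"
    state: started
    restart_policy: always
    read_only: true
    published_ports:
      - "127.0.0.1:8080:8080"
    volumes:
      # container paths assume the image's /srv layout; confirm
      - "{{ private_bin_directory }}/cfg/conf.php:/srv/cfg/conf.php:ro"
      - "{{ private_bin_directory }}/data:/srv/data"
```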
diff --git a/templates/conf.php.j2 b/templates/conf.php.j2
new file mode 100644
index 0000000..9d186e4
--- /dev/null
+++ b/templates/conf.php.j2
@@ -0,0 +1,212 @@
+;